<?php
include("./include/om_config.inc");
$smarty = new SmartyWWW();
if(!isset($_SESSION['s_activId']))
  header("Location:./login.php");
else
{
  $msg = "";
  if(isset($_POST['newPasswordSet']))
  {
    $selectQuery = "SELECT password 
                      FROM login 
                     WHERE userName = '".$_SESSION['s_activId']."'
                       AND password = '".$_POST['oldPassword']."'";
    $selectQueryResult = mysql_query($selectQuery);
    if($afectedAny = mysql_fetch_array($selectQueryResult))
    {
      if($afectedAny['password'] == $_POST['oldPassword'])
      {
        $updateQuery = "UPDATE login 
                           SET password = '".$_POST['newPassword']."' 
                         WHERE userName = '".$_SESSION['s_activId']."'
                           AND password = '".$_POST['oldPassword']."'";
        mysql_query($updateQuery);
        header("Location:./index.php");
      }
      else
        $msg = "Password Not Change";
      }
  }
  $smarty->assign("msg",$msg);
  $smarty->display("changePassword.tpl");
}
?>